IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352.
2019-10-04T14:15:11.327
2024-11-21T04:43:20.900
Modified
CVSSv3.1: 7.3 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | ibm | mq | ≤ 8.0.0.12 | Yes |
Application | ibm | mq | ≤ 9.0.0.6 | Yes |
Application | ibm | mq | ≤ 9.1.2 | Yes |
Application | ibm | mq | ≤ 9.1.0.2 | Yes |